<? session_start();
include 'constants.php';
include 'functions.php'; 

if($_POST){
	$db=new SQLiteDatabase("db/mandi");
	$employee = sanitize(urldecode($_POST['employee']));
	$sold = sanitize(urldecode($_POST['sale']));
	
	$query = "UPDATE sale_table SET departed_timestamp = ".
		time()." WHERE employee_number = ".$employee." AND sold_timestamp = ".$sold;
	
	$error_msg;
	if(@$db->queryExec($query, $error_msg)){
		//success! erase POST variables so a new entry can be made
		$success_msg = true;
		unset($_POST);
	} else {
		//write error message further down in doc
	}
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Mandi Exit Form</title>
</head>
<body>
<? include 'navbar.php'; ?>
<div class="body-content">
<h2>Mandi Exit Form</h2>
<?
	if($success_msg){ echo '<p>Exit update successful.</p>'; }
	if($error_msg) { echo '<p>'.$error_msg.'</p>'; } ?>
<form action="" method="POST">
<p>Enter Employee supervising sale: <input type="text" name="employee" value="<?=$_POST['employee']?>"></input></p>
<p>Enter timestamp of sale: <input type="text" name="sale" value="<?=$_POST['sale']?>"></input></p>
<p><input type="submit"></input></p>
</form>
</div>
</body>
</html>